In an episode that underscores the vulnerability of global computer networks, hackers got ahold of login credentials for data centers in Asia used by some of the world’s biggest businesses, a potential bonanza for spying or sabotage, according to a cybersecurity research firm.
The previously unreported data caches involve emails and passwords for customer-support websites for two of the largest data center operators in Asia: Shanghai-based GDS Holdings Ltd. and Singapore-based ST Telemedia Global Data Centres, according to Resecurity Inc., which provides cybersecurity services and investigates hackers. About 2,000 customers of GDS and STT GDC were affected. Hackers have logged into the accounts of at least five of them, including China’s main foreign exchange and debt trading platform and four others from India, according to Resecurity, which said it infiltrated the hacking group.
It’s not clear what — if anything — the hackers did with the other logins. The information included credentials in varying numbers for some of the world’s biggest companies, including Alibaba Group Holding Ltd., Amazon.com Inc., Apple Inc., BMW AG, Goldman Sachs Group Inc., Huawei Technologies Co., Microsoft Corp. , and Walmart Inc., according to the security firm and hundreds of pages of documents that Bloomberg reviewed.
Responding to questions about Resecurity’s findings, GDS said in a statement that a customer support website was breached in 2021. It’s not clear how the hackers obtained the STT GDC data. That company said it found no evidence that its customer service portal was compromised that year. Both companies said the rogue credentials didn’t pose a risk to clients’ IT systems or data.